package p;

import io.netty.internal.tcnative.SSL;
import io.netty.internal.tcnative.SSLContext;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes4.dex */
public abstract class gqs extends zyw implements xps {
    public static final Integer f0;
    public final String[] X;
    public final boolean Y;
    public final nq4 Z;
    public final ReentrantReadWriteLock a0;
    public volatile int b0;
    public long c;
    public final ArrayList d;
    public final c9o e;
    public final int f;
    public final e7t g;
    public final cqs h;
    public final Certificate[] i;
    public final int t;
    public static final grh c0 = i91.f(gqs.class.getName());
    public static final int d0 = Math.max(1, wxx.d(2048, "io.netty.handler.ssl.openssl.bioNonApplicationBufferSize"));
    public static final boolean e0 = wxx.c("io.netty.handler.ssl.openssl.useTasks", true);
    public static final h7t g0 = i7t.c.b(gqs.class);
    public static final boolean h0 = wxx.c("jdk.tls.client.enableSessionTicketExtension", false);
    public static final boolean i0 = wxx.c("jdk.tls.client.enableSessionTicketExtension", true);
    public static final boolean j0 = wxx.c("jdk.tls.server.enableSessionTicketExtension", false);
    public static final boolean k0 = wxx.c("jdk.tls.server.enableSessionTicketExtension", true);
    public static final boolean l0 = wxx.c("io.netty.handler.ssl.openssl.sessionCacheServer", true);
    public static final boolean m0 = wxx.c("io.netty.handler.ssl.openssl.sessionCacheClient", false);
    public static final lw0 n0 = new lw0();

    static {
        Integer num = null;
        try {
            String b = wxx.b("jdk.tls.ephemeralDHKeySize", null);
            if (b != null) {
                try {
                    num = Integer.valueOf(b);
                } catch (NumberFormatException unused) {
                    c0.p("ReferenceCountedOpenSslContext supports -Djdk.tls.ephemeralDHKeySize={int}, but got: " + b);
                }
            }
        } catch (Throwable unused2) {
        }
        f0 = num;
    }

    public gqs(lw0 lw0Var, int i, boolean z, Map.Entry... entryArr) {
        q9o q9oVar;
        d9o d9oVar;
        o71 o71Var = o71.a;
        this.h = new cqs(this);
        this.Z = new nq4();
        this.a0 = new ReentrantReadWriteLock();
        this.b0 = d0;
        b9o.e();
        if (i != 1 && i != 0) {
            throw new IllegalArgumentException("mode most be either SSL.SSL_MODE_SERVER or SSL.SSL_MODE_CLIENT");
        }
        boolean z2 = e0;
        if (entryArr != null) {
            q9oVar = null;
            d9oVar = null;
            for (Map.Entry entry : entryArr) {
                bzw bzwVar = (bzw) entry.getKey();
                if (bzwVar == l9o.f) {
                    ((Boolean) entry.getValue()).booleanValue();
                } else if (bzwVar == l9o.e) {
                    z2 = ((Boolean) entry.getValue()).booleanValue();
                } else if (bzwVar == l9o.g) {
                    q9oVar = (q9o) entry.getValue();
                } else if (bzwVar == l9o.h) {
                    d9oVar = (d9o) entry.getValue();
                } else if (bzwVar == l9o.i) {
                    qjk.q(entry.getValue());
                } else {
                    grh grhVar = c0;
                    StringBuilder m = qjk.m("Skipping unsupported ");
                    m.append(bzw.class.getSimpleName());
                    m.append(": ");
                    m.append(entry.getKey());
                    grhVar.p(m.toString());
                }
            }
        } else {
            q9oVar = null;
            d9oVar = null;
        }
        if (q9oVar != null && d9oVar != null) {
            StringBuilder m2 = qjk.m("You can either only use ");
            m2.append(d9o.class.getSimpleName());
            m2.append(" or ");
            m2.append(q9o.class.getSimpleName());
            throw new IllegalArgumentException(m2.toString());
        }
        this.g = z ? g0.c(this) : null;
        this.f = i;
        if (f()) {
            h2x.q(1, "clientAuth");
        }
        this.t = 1;
        this.X = null;
        this.Y = false;
        this.i = null;
        String[] d = o71Var.d(b9o.c, b9o.a());
        LinkedHashSet linkedHashSet = new LinkedHashSet(d.length);
        Collections.addAll(linkedHashSet, d);
        ArrayList arrayList = new ArrayList(linkedHashSet);
        this.d = arrayList;
        tvq.i(lw0Var, "apn");
        this.e = lw0Var;
        try {
            boolean h = b9o.h();
            try {
                this.c = SSLContext.make(h ? 62 : 30, i);
                StringBuilder sb = new StringBuilder();
                StringBuilder sb2 = new StringBuilder();
                try {
                    if (arrayList.isEmpty()) {
                        SSLContext.setCipherSuite(this.c, "", false);
                        if (h) {
                            SSLContext.setCipherSuite(this.c, "", true);
                        }
                    } else {
                        f55.a(arrayList, sb, sb2, b9o.g());
                        SSLContext.setCipherSuite(this.c, sb.toString(), false);
                        if (h) {
                            SSLContext.setCipherSuite(this.c, b9o.b(c0, sb2.toString()), true);
                        }
                    }
                    int options = SSLContext.getOptions(this.c) | SSL.SSL_OP_NO_SSLv2 | SSL.SSL_OP_NO_SSLv3 | SSL.SSL_OP_NO_TLSv1 | SSL.SSL_OP_NO_TLSv1_1 | SSL.SSL_OP_CIPHER_SERVER_PREFERENCE | SSL.SSL_OP_NO_COMPRESSION | SSL.SSL_OP_NO_TICKET;
                    SSLContext.setOptions(this.c, sb.length() == 0 ? options | SSL.SSL_OP_NO_SSLv2 | SSL.SSL_OP_NO_SSLv3 | SSL.SSL_OP_NO_TLSv1 | SSL.SSL_OP_NO_TLSv1_1 | SSL.SSL_OP_NO_TLSv1_2 : options);
                    long j = this.c;
                    SSLContext.setMode(j, SSLContext.getMode(j) | SSL.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
                    Integer num = f0;
                    if (num != null) {
                        SSLContext.setTmpDHLength(this.c, num.intValue());
                    }
                    List a = lw0Var.a();
                    if (!a.isEmpty()) {
                        throw new Error();
                    }
                    SSLContext.setUseTasks(this.c, z2);
                    if (q9oVar != null) {
                        SSLContext.setPrivateKeyMethod(this.c, new fqs());
                    }
                    if (d9oVar != null) {
                        SSLContext.setPrivateKeyMethod(this.c, new eqs());
                    }
                    SSLContext.setCurvesList(this.c, b9o.m);
                } catch (SSLException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new SSLException("failed to set cipher suite: " + this.d, e2);
                }
            } catch (Exception e3) {
                throw new SSLException("failed to create an SSL_CTX", e3);
            }
        } catch (Throwable th) {
            release();
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static long A(q1 q1Var, xxo xxoVar) {
        long v;
        try {
            du3 content = xxoVar.content();
            if (content.c0()) {
                v = v(content.R0());
            } else {
                du3 f = q1Var.f(content.K0());
                try {
                    f.x1(content.M0(), content.K0(), content);
                    v = v(f.R0());
                    try {
                        if (xxoVar.k()) {
                            qzw.i(f);
                        }
                    } finally {
                    }
                } catch (Throwable th) {
                    try {
                        if (xxoVar.k()) {
                            qzw.i(f);
                        }
                        throw th;
                    } finally {
                    }
                }
            }
            return v;
        } finally {
            ((a6) xxoVar).release();
        }
    }

    public static long B(q1 q1Var, X509Certificate... x509CertificateArr) {
        tvq.h("certChain", x509CertificateArr);
        xps e = ayo.e(q1Var, x509CertificateArr);
        try {
            return A(q1Var, e.a());
        } finally {
            ((a6) e).release();
        }
    }

    public static boolean C(X509TrustManager x509TrustManager) {
        grh grhVar = h8p.a;
        return g8p.h >= 7 && (x509TrustManager instanceof X509ExtendedTrustManager);
    }

    public static X509TrustManager q(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                grh grhVar = h8p.a;
                if (g8p.h < 7) {
                    return (X509TrustManager) trustManager;
                }
                return gao.b.a((X509TrustManager) trustManager);
            }
        }
        throw new IllegalStateException("no X509TrustManager found");
    }

    public static X509KeyManager r(KeyManager[] keyManagerArr) {
        for (KeyManager keyManager : keyManagerArr) {
            if (keyManager instanceof X509KeyManager) {
                return (X509KeyManager) keyManager;
            }
        }
        throw new IllegalStateException("no X509KeyManager found");
    }

    public static void t(long j) {
        if (j != 0) {
            SSL.freeBIO(j);
        }
    }

    public static long v(du3 du3Var) {
        try {
            long newMemBIO = SSL.newMemBIO();
            int K0 = du3Var.K0();
            if (SSL.bioWrite(newMemBIO, b9o.j(du3Var) + du3Var.M0(), K0) == K0) {
                return newMemBIO;
            }
            SSL.freeBIO(newMemBIO);
            throw new IllegalStateException("Could not write data to memory BIO");
        } finally {
            du3Var.release();
        }
    }

    public static p9o x(KeyManagerFactory keyManagerFactory) {
        if (keyManagerFactory instanceof bao) {
            eot eotVar = ((bao) keyManagerFactory).a.b;
            if (eotVar != null) {
                return new z9o((X509KeyManager) eotVar.a, (String) eotVar.b, (Iterable) eotVar.c);
            }
            throw new IllegalStateException("engineInit(...) not called yet");
        }
        if (!(keyManagerFactory instanceof g9o)) {
            return new p9o(r(keyManagerFactory.getKeyManagers()), null);
        }
        g9o g9oVar = (g9o) keyManagerFactory;
        X509KeyManager r = r(g9oVar.getKeyManagers());
        return "sun.security.ssl.X509KeyManagerImpl".equals(r.getClass().getName()) ? new p9o(r, null) : new e9o(r(g9oVar.getKeyManagers()));
    }

    public static long z(q1 q1Var, PrivateKey privateKey) {
        xps xpsVar;
        if (privateKey == null) {
            return 0L;
        }
        byte[] bArr = yxo.f;
        if (privateKey instanceof xxo) {
            xpsVar = ((xxo) privateKey).a();
        } else {
            byte[] encoded = privateKey.getEncoded();
            if (encoded == null) {
                throw new IllegalArgumentException(privateKey.getClass().getName() + " does not support encoding");
            }
            du3 b = kiz.b(encoded);
            try {
                du3 g = qzw.g(q1Var, b);
                try {
                    byte[] bArr2 = yxo.f;
                    int length = bArr2.length + g.K0();
                    byte[] bArr3 = yxo.g;
                    du3 f = q1Var.f(length + bArr3.length);
                    try {
                        f.B1(bArr2);
                        f.A1(g);
                        f.B1(bArr3);
                        zxo zxoVar = new zxo(f, true);
                        qzw.i(b);
                        b.release();
                        xpsVar = zxoVar;
                    } finally {
                    }
                } finally {
                    qzw.i(g);
                    g.release();
                }
            } catch (Throwable th) {
                qzw.i(b);
                b.release();
                throw th;
            }
        }
        try {
            return A(q1Var, xpsVar.a());
        } finally {
            ((a6) xpsVar).release();
        }
    }

    @Override // p.xps
    public final xps a() {
        this.h.a();
        return this;
    }

    @Override // p.xps
    public final xps c(int i) {
        this.h.c(i);
        return this;
    }

    @Override // p.xps
    public final xps d() {
        this.h.d();
        return this;
    }

    @Override // p.zyw
    public final boolean e() {
        return this.f == 0;
    }

    @Override // p.xps
    public final int g() {
        return this.h.g();
    }

    @Override // p.zyw
    public final SSLEngine h(eu3 eu3Var, String str, int i) {
        return w(eu3Var, str, i, true);
    }

    @Override // p.zyw
    public final ozw j(eu3 eu3Var, String str, int i, boolean z) {
        return new ozw(w(eu3Var, str, i, false), z);
    }

    @Override // p.xps
    public final xps m(Object obj) {
        this.h.m(obj);
        return this;
    }

    public final c9o o() {
        return this.e;
    }

    @Override // p.xps
    public final boolean p(int i) {
        return this.h.p(i);
    }

    @Override // p.xps
    public final boolean release() {
        return this.h.release();
    }

    public final void s() {
        Lock writeLock = this.a0.writeLock();
        writeLock.lock();
        try {
            long j = this.c;
            if (j != 0) {
                if (this.Y) {
                    SSLContext.disableOcsp(j);
                }
                SSLContext.free(this.c);
                this.c = 0L;
                x9o y = y();
                if (y != null) {
                    y.a();
                }
            }
        } finally {
            writeLock.unlock();
        }
    }

    public final int u() {
        return this.b0;
    }

    public SSLEngine w(eu3 eu3Var, String str, int i, boolean z) {
        return new lqs(this, eu3Var, str, i, z, true);
    }

    public abstract x9o y();
}
